Mark Nelson

Dr. Dobb's Bloggers

Network Discovery Tools: Putting DNS Service Discovery To Work

September 30, 2011

I will show you a little bit about how we use DNS-SD, and how you can put it to work effectively in your networks.

For most of this year I've been working on a new product called Cisco OnPlus, a network management service for small businesses. In order to do its job effectively, OnPlus needs to know what devices are present on the network, and one of the key tools we use to accomplish this is DNS Service Discovery. In this article I will show you a little bit about how we use DNS-SD, and how you can put it to work effectively in your networks.

OnPlus

Cisco OnPlus is a cloud-based network management tool that helps resellers support their customers. The figure below shows you a typical view of a customer network from an OnPlus browser screen. (The customer in this case being my Dad.) OnPlus not only identifies the devices on the customer's network, it also performs configuration backups, firmware updates, and monitors network performance.

The OnPlus Topology View

In order to get this information about the customer's network, OnPlus relies on the OnPlus Network Agent — an ARM-based Linux PC about the size of a paperback book. This computer is a close relative of the Sheeva Plug, and despite its small size, it runs a fairly complete distribution of Linux.

The OnPlus Network Agent.

The agent regularly runs a complete inventory of the network, attempting to learn as much as possible about all of the devices it can find. The inventory process uses a huge list of protocols when scanning the network, including:

DNS Service Discovery

DHCP Packet Inspection

DNS Packet Inspection

Windows Management Instrumentation

Cisco Discovery Protocol (CDP)

NETBIOS/SMB

UPnP

SLP

Traceroute

ARP

When it comes to locating devices made by my business unit at Cisco, the most useful protocols are DNS Service Discovery and Cisco Discovery Protocol. DNS Service Discovery provides all the information the inventory process needs to fully identify a device: its specific Product ID (more or less a model number), the version number of both the hardware and the firmware, its MAC address, and its IP address. (CDP provides a nearly identical bundle of data.) This information is readily available because devices made by Cisco's Small Business Technology Group use DNS-SD to broadcast information using our proprietary service type: csco-sb.

A Quick Overview of DNS Service Discovery

So what exactly is DNS Service Discovery? If you're like me, you became aware of DNS-SD because Apple uses it as part of Bonjour. Bonjour is a proprietary implementation of Zeroconf, a set of technologies marked by three key network components:

Address assignment

Service discovery

Name resolution

The history of Zeroconf is a somewhat quixotic story, based around the shared idea that setting up small networks ought to be a painless and simple process. The components of Zeroconf provide a nice, vendor-agnostic way to set up networks so that no consumer would ever have to manually assign an IP address, set up a DHCP server, or manually enter the address of a printer.

Apple has embraced this idea with its implementation of Zeroconf, called Bonjour, an Apple trademark. If you run iTunes on your Apple or Windows PC, you may well see that there are other users out there running iTunes who would be happy to share their collections with you. This happens more or less with no work on your part, and can be a really nice feature in a big office:

Sharing iTunes Libraries.

iTunes accomplishes this sharing using DNS-SD, which is built into OS X and is configured on Windows machines as part of the iTunes installation. Every instance of iTunes that is configured to share its library uses Bonjour to advertise an instance of the daap service. If we look in the official roster of registered DNS Service types, we find this record:

This is a pretty simple definition. Let's see what it looks like on the network.

On my desktop Linux system, I have the avahi utilities installed. Avahi provides a nice suite of tools used to implement DNS-SD. I'll use the avahi-browse command to see what these daap services actually look like:

From this information, I know have everything I need in order to connect to a server and start playing music. I have a hostname, IP address, and a port, all of which can be used to access the service. Finally, I have a txt record that contains an arbitrary set of name/value pairs, as defined in the service definition. The use of these fields is up to the creator of the service, and in this case most of them are self-evident.

Browsing the Network

We use the avahi toolkit in OnPlus to browse the network for devices. It is worth doing a little exploring on my home network to see what kind of information we get out of this process.

To get a high-level view, I can ask avahi-browse to query for a special service: services._dns-ds._udp. When this browse request goes out on the network, all the active nodes using DNS-SD issue records detailing the types of services they support. The result on my home network looks like this:

As you can see, there are a surprising number of DNS-SD services present. On my network, an explanation for each of the services is:

_udisks-ssh:

A remote disk management tool being advertised by my Ubuntu systems

_workstation:

Some sort of workgroup management interface support by various Linux systems.

_ir-hvac-0xx:

Management interfaces on a Trane thermostat that happens to have wireless access to my network

_pdl-datastream:

Printer page description language interface. This is a service that is used in Bonjour printing. Both of my networked printers support it.

_printer

Both of my printers use this advertisement to offer TCP port 515 up for LPR print spooling

_tivo-videos

My Tivo sends out this advertisement, which provides a complete URL I can use to get an XML-formatted version of the Now Playing section of the Tivo UI.

_readynas

My Netgear ReadyNAS uses this unregistered service type to advertise something that can be reached on port 9. Exactly what, I don't know, but I think it might be just a way for PC users to find the NAS with RAIDar.

_smb

My Netgear ReadyNAS advertises its Windows shares with this service type

I have a Firefly iTunes server running on my NAS. In addition to serving music via DAAP, it uses the Roku Server Protocol as well, presumably working with some other devices besides iTunes.

_http

Most of the devices on my network that are running web servers issue an HTTP advertisement, which points to that interface.

_csco-sb

My two Cisco SB devices advertise their presence using this service

This special command to show me the services available is not actually used in OnPlus. Instead, we call avahi-browse with the -r and -p commands, asking it to do a full resolution on all discovered services.

Cisco Devices

The place where we get the most interesting results from avahi-browse is when we tell it to look specifically for instances of the cisco-sb service. That command produces output like this:

If you look at the first '=' records that is issued by avahi-browse, you can see that when it comes to discovery, I have really hit the jackpot. I've identified a device on my system that I can reach with a specific IP address. I have a MAC address that I can now use as a globally unique identifier. And I have the Cisco Product ID, the hardware version, and the firmware version, as well as the user-assigned host name and a friendly model name.

When I have information like this, it allows me to fill in the details in the topology map quite accurately. Better yet, since this is a Cisco device, the OnPlus appliance can now send it some queries to find out more network information. As an example, the switch's CAM table provides me with a list of devices and the ports they are attached to, which helps me fill in some of the details of the topology picture.

Processing This Data

If you are a programmer, the natural question you might be asking is how you access these service advertisements from inside your program. In the case of Cisco OnPlus, most of the code running the inventory task consists of PHP scripts. As far as I know, there are no bindings in PHP to DNS-SD services, and we elected not to try to invent that wheel.

Instead, we use PHP's popen() function to run instances of avahi-browse, collecting the output from the program and parsing it accordingly. We actually have three instances of the browser running at any time. Two are dedicated to Cisco-specific services, while the third looks at all other services. Even though other services might not give us as much information as csco-sb, they still supply host names, MAC addresses, IP addresses, descriptions, and more, and we use whatever we can find.

These instances of avahi-browse run as independent discovery processes, collecting and storing data as it is seen on the network. The records that they collect are then used by the inventory process when it is periodically launched.

The DNS-SD discovery processes actually take an active role in the inventory scheme. When one of the avahi-based processes discovers a significant new device on the network, such as one advertising cisco-sb, it stores the data record and then triggers an early start to the inventory process. This allows OnPlus to respond to new devices on the network in something close to real-time.

Advertising

So let's say you decide you want to use DNS-SD for some form of network discovery. I've shown you how you can you discover network nodes that are advertising a service, but how do you actually perform that advertisement?

In the OnPlus Network we use the avahi package to advertise services as well as to find them. The avahi-publish command does the job, typically started as a daemon to run for the lifetime of the system. When executing avahi-publish, you will normally want to specify:

A service type

The name of the service instance

A port to access the service

Text records containing whatever name/value pairs you want to publish

One thing to note is that you can use DNS-SD to advertise things that don't necessarily map directly to a port. For example, if you just want to let everyone know of your existence, the port parameter might be irrelevant, but the name/value pairs could still be valuable.

As an example, I might create a photo-sharing service that I advertise on the network using a service I'll call PhotoMark. To let everyone know about this, I execute the following command when my system starts up:

Anyone on the network using DNS-SD could then see that I was advertising photo sharing with photos of type GIF accessible on my pictures folder. Of course, the details of the protocol are not included in the advertisement — that's outside the scope of DNS-SD.

Often a good choice for the service instance is to simply use the computer name:

What's Next

In this article I showed you how we use DNS-SD on the Cisco OnPlus Network Agent. Mostly it involves calling the avahi command-line tools and parsing their output with PHP scripts.

In my next post, I'll show you how to do the same thing on a Windows PC using the Apple Bonjour SDK. Unfortunately, Windows has not included DNS-SD support in the OS, so instead of using the Win32 API to do service discovery, you will have to rely on some slightly less-elegant methods. But when it comes to network discovery, functionality and interoperability trump elegance every day of the week.

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task.
However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

This month's Dr. Dobb's Journal

This month,
Dr. Dobb's Journal is devoted to mobile programming. We introduce you to Apple's new Swift programming language, discuss the perils of being the third-most-popular mobile platform, revisit SQLite on Android
, and much more!